tls: fix empty issuer/subject/infoAccess parsing
Also issuerCertificate but that did not fit on the status line. Fixes: https://github.com/nodejs/node/issues/11771 PR-URL: https://github.com/nodejs/node/pull/14473 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Refael Ackermann <refack@gmail.com>
This commit is contained in:
parent
1b7372f2fb
commit
06a684aab4
@ -169,12 +169,12 @@ exports.translatePeerCertificate = function translatePeerCertificate(c) {
|
|||||||
if (!c)
|
if (!c)
|
||||||
return null;
|
return null;
|
||||||
|
|
||||||
if (c.issuer) c.issuer = tls.parseCertString(c.issuer);
|
if (c.issuer != null) c.issuer = tls.parseCertString(c.issuer);
|
||||||
if (c.issuerCertificate && c.issuerCertificate !== c) {
|
if (c.issuerCertificate != null && c.issuerCertificate !== c) {
|
||||||
c.issuerCertificate = translatePeerCertificate(c.issuerCertificate);
|
c.issuerCertificate = translatePeerCertificate(c.issuerCertificate);
|
||||||
}
|
}
|
||||||
if (c.subject) c.subject = tls.parseCertString(c.subject);
|
if (c.subject != null) c.subject = tls.parseCertString(c.subject);
|
||||||
if (c.infoAccess) {
|
if (c.infoAccess != null) {
|
||||||
var info = c.infoAccess;
|
var info = c.infoAccess;
|
||||||
c.infoAccess = {};
|
c.infoAccess = {};
|
||||||
|
|
||||||
|
55
test/parallel/test-tls-translate-peer-certificate.js
Normal file
55
test/parallel/test-tls-translate-peer-certificate.js
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
'use strict';
|
||||||
|
const common = require('../common');
|
||||||
|
|
||||||
|
if (!common.hasCrypto)
|
||||||
|
common.skip('missing crypto');
|
||||||
|
|
||||||
|
const { strictEqual, deepStrictEqual } = require('assert');
|
||||||
|
const { translatePeerCertificate } = require('_tls_common');
|
||||||
|
|
||||||
|
const certString = 'A=1\nB=2\nC=3';
|
||||||
|
const certObject = { A: '1', B: '2', C: '3' };
|
||||||
|
|
||||||
|
strictEqual(translatePeerCertificate(null), null);
|
||||||
|
strictEqual(translatePeerCertificate(undefined), null);
|
||||||
|
|
||||||
|
strictEqual(translatePeerCertificate(0), null);
|
||||||
|
strictEqual(translatePeerCertificate(1), 1);
|
||||||
|
|
||||||
|
deepStrictEqual(translatePeerCertificate({}), {});
|
||||||
|
|
||||||
|
deepStrictEqual(translatePeerCertificate({ issuer: '' }),
|
||||||
|
{ issuer: {} });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ issuer: null }),
|
||||||
|
{ issuer: null });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ issuer: certString }),
|
||||||
|
{ issuer: certObject });
|
||||||
|
|
||||||
|
deepStrictEqual(translatePeerCertificate({ subject: '' }),
|
||||||
|
{ subject: {} });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ subject: null }),
|
||||||
|
{ subject: null });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ subject: certString }),
|
||||||
|
{ subject: certObject });
|
||||||
|
|
||||||
|
deepStrictEqual(translatePeerCertificate({ issuerCertificate: '' }),
|
||||||
|
{ issuerCertificate: null });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ issuerCertificate: null }),
|
||||||
|
{ issuerCertificate: null });
|
||||||
|
deepStrictEqual(
|
||||||
|
translatePeerCertificate({ issuerCertificate: { subject: certString } }),
|
||||||
|
{ issuerCertificate: { subject: certObject } });
|
||||||
|
|
||||||
|
{
|
||||||
|
const cert = {};
|
||||||
|
cert.issuerCertificate = cert;
|
||||||
|
deepStrictEqual(translatePeerCertificate(cert), { issuerCertificate: cert });
|
||||||
|
}
|
||||||
|
|
||||||
|
deepStrictEqual(translatePeerCertificate({ infoAccess: '' }),
|
||||||
|
{ infoAccess: {} });
|
||||||
|
deepStrictEqual(translatePeerCertificate({ infoAccess: null }),
|
||||||
|
{ infoAccess: null });
|
||||||
|
deepStrictEqual(
|
||||||
|
translatePeerCertificate({ infoAccess: 'OCSP - URI:file:///etc/passwd' }),
|
||||||
|
{ infoAccess: { 'OCSP - URI': ['file:///etc/passwd'] } });
|
Loading…
x
Reference in New Issue
Block a user